Uploaded byDaveN31
PPTX, PDF93 views

Computer system security and control-2.pptx

This document discusses computer system security and control. It outlines the objectives of information security as confidentiality, data integrity, and availability. It also describes various types of information security such as application security, cloud security, cryptography, and infrastructure security. Reasons why computer systems are vulnerable include increased access, disgruntled employees, complexity, cyber crimes, complacent management, and natural disasters. Controls to enhance security involve physical controls, access controls, backups, and administrative procedures.

Embed presentation

Download to read offline
Computer system security and control
Information security is the protection of computer systems and networks from theft or damage to the hardware, software or electronic data as well as from the disruption or misdirection of the services they provide.
Objectives of information security It focuses on three goals: 1. Confidentiality: preventing the disclosure of information to unauthorized users. 2. Data integrity : ensuring the accuracy and authenticity of data. Only authorized persons may edit data and they need to follow procedures to prevent former employees from retaining the ability to alter company data
3. Availability: authorised users should have reliable access to information when they need it TYPES OF INFORMATION SECURITY 1. Application security Involves protecting software applications by preventing, detecting and fixing bugs and vulnerabilities
2. Cloud security Involves protections of data, applications and infrastructures involved in cloud computing 3. Cryptography Covers a lot of techniques for communicating in a secure manner
4. Infrastructure security Eg data centers, internal and external networks, desktops
Reasons why computer systems are vulnerable Increased access to the system Disgruntled/dishonest employees Increased system complexity Cyber terrorism/crime on the internet or hackers Complacent management Modern networked systems
Natural disasters Fire Floods Earthquakes, wind storms and rain lightening
Accidental threats Human errors Procedural errors Software errors Electromechanical problems
International breaches of security Theft Terrorism Computer viruses Unauthorized disclosure or access, modification or destruction or loss of data or information Computer fraud
General controls Physical control Access controls or logical controls eg passwords, biometric identification techniques Back up Administrative controls
Types of Application controls Input controls: are computer controls designed to provide reasonable assurance that transactions are properly authorized before processed by the computer, incorrect transactions are rejected. Processing controls: provide an automated means to ensure processing is complete, accurate and authorized. Output controls: address what is done with data and should compare output results with the intended result by checking the output against the input
Internet and E-commerce challenges Viruses: Is a malicious piece of computer code designed to spread from device to device. Viruses are designed to damage a device or steal data Hackers: A security hacker is someone who explores methods for breaching defenses and exploiting weaknesses in a computer system or network Spamming: The use of messaging systems to send multiple unsolicited messages to large numbers of recipients for the purpose of commercial advertising or for any prohibited purpose
E-commerce controls Firewall: firewall is a network security system that monitors and controls incoming and outgoing network traffic based on predetermined security rules. Encryption: is the process of encoding information, that is the process converts the original representation of the information known as plain text into an alternative form known as cipher text. Only authorized parties can decipher a cipher text back to plaintext and access the original information.
Digital signature: is a mathematical technique used to validate the authenticity and integrity of message ,software or digital document. Digital signatures are based on public key cryptography and private key cryptography Authentication : uses password or any biometric technique

More Related Content

PPTX
Computer security ppt for computer science student.pptx
bydagiabebe267
 
PDF
information security introduction for campus students.pdf
byhailegebrielgeta6
 
PPTX
unit -ii security1.pptx for Information system management
byemjalaraju1
 
PPTX
Information Security Bachelor in Information technology unit 1
byssuserf35ac9
 
PPTX
informations_security_presentations.pptx
byFAKHARZAMANPROUD
 
PPT
ch1-1.ppt
byNayyabMirTahir
 
PPTX
Introduction to cyber security module1.pptx
bymeghana25s2000
 
PPTX
Cyber security
byKrishanu Ghosh
 
Computer security ppt for computer science student.pptx
bydagiabebe267
 
information security introduction for campus students.pdf
byhailegebrielgeta6
 
unit -ii security1.pptx for Information system management
byemjalaraju1
 
Information Security Bachelor in Information technology unit 1
byssuserf35ac9
 
informations_security_presentations.pptx
byFAKHARZAMANPROUD
 
ch1-1.ppt
byNayyabMirTahir
 
Introduction to cyber security module1.pptx
bymeghana25s2000
 
Cyber security
byKrishanu Ghosh
 

Similar to Computer system security and control-2.pptx

PPTX
General and Application Control - Security and Control Issues in Informatio...
byDr. Rosemarie Sibbaluca-Guirre
 
PPT
Computer Securityyyyyyyy - Chapter 1.ppt
bySolomonSB
 
PPTX
Lecture one Network Security Introduction.pptx
byAreebaSaeed18
 
PDF
20210629_104540Information Security L1.pdf
byShyma Jugesh
 
PPT
Security (IM).ppt
byGooglePay16
 
PPTX
Unit 1 Network Fundamentals and Security .pptx
byGuna Dhondwad
 
PPTX
INTERNETSECURITY with the different threats
byPrabinPathak5
 
PDF
Unit v
bybharatnaruka90
 
PPTX
Lecture 1 Introduction to Computer Security.pptx
byfarhanghafoor5
 
DOCX
Security and Ethical Challenges Contributors Kim Wanders.docx
byedgar6wallace88877
 
DOCX
Security and Ethical Challenges Contributors Kim Wanders.docx
byfathwaitewalter
 
PPTX
CYBER LAW & ETHICS (PART OF THE JNTUH SYLLABUS
bydeepthikamidi
 
PPTX
CRYPTOGRAPHY AND NETWORK SECURITY ppt by me.pptx
byNune SrinivasRao
 
PPTX
Security for e commerce
byMohsin Ahmad
 
PPT
chapter 1 security.ppt
bygirmawodajo
 
PPTX
Cybersecurity
byEng Hasan Shamroukh CISCO Exams Author
 
PPTX
security in is.pptx
byselvapriyabiher
 
PPTX
Digital literacy lecture 2 data security.pptx
byjohnnderitu16
 
PPTX
Cryptography and network Security--MOD-1.pptx
byMrsPrajnaUR
 
PPTX
It security
byavi2607
 
General and Application Control - Security and Control Issues in Informatio...
byDr. Rosemarie Sibbaluca-Guirre
 
Computer Securityyyyyyyy - Chapter 1.ppt
bySolomonSB
 
Lecture one Network Security Introduction.pptx
byAreebaSaeed18
 
20210629_104540Information Security L1.pdf
byShyma Jugesh
 
Security (IM).ppt
byGooglePay16
 
Unit 1 Network Fundamentals and Security .pptx
byGuna Dhondwad
 
INTERNETSECURITY with the different threats
byPrabinPathak5
 
Unit v
bybharatnaruka90
 
Lecture 1 Introduction to Computer Security.pptx
byfarhanghafoor5
 
Security and Ethical Challenges Contributors Kim Wanders.docx
byedgar6wallace88877
 
Security and Ethical Challenges Contributors Kim Wanders.docx
byfathwaitewalter
 
CYBER LAW & ETHICS (PART OF THE JNTUH SYLLABUS
bydeepthikamidi
 
CRYPTOGRAPHY AND NETWORK SECURITY ppt by me.pptx
byNune SrinivasRao
 
Security for e commerce
byMohsin Ahmad
 
chapter 1 security.ppt
bygirmawodajo
 
Cybersecurity
byEng Hasan Shamroukh CISCO Exams Author
 
security in is.pptx
byselvapriyabiher
 
Digital literacy lecture 2 data security.pptx
byjohnnderitu16
 
Cryptography and network Security--MOD-1.pptx
byMrsPrajnaUR
 
It security
byavi2607
 

More from DaveN31

PPTX
Digital signature.pptx
byDaveN31
 
PPTX
Commercial credit and its types.pptx
byDaveN31
 
PPTX
ACCOUNTING FOR OH.pptx
byDaveN31
 
PPTX
ACCOUNTING FOR MATERIAL.pptx
byDaveN31
 
PPT
CHAPTER ONE(B)- FORMS OF BUSINESS ORGANISATIONS.ppt
byDaveN31
 
PPTX
FIA 1.pptx
byDaveN31
 
PPT
CHAPTER 3-ECONOMIC ENVIRONMENT.ppt
byDaveN31
 
Digital signature.pptx
byDaveN31
 
Commercial credit and its types.pptx
byDaveN31
 
ACCOUNTING FOR OH.pptx
byDaveN31
 
ACCOUNTING FOR MATERIAL.pptx
byDaveN31
 
CHAPTER ONE(B)- FORMS OF BUSINESS ORGANISATIONS.ppt
byDaveN31
 
FIA 1.pptx
byDaveN31
 
CHAPTER 3-ECONOMIC ENVIRONMENT.ppt
byDaveN31
 

Recently uploaded

PDF
Poročilo odbora CIS (CH08873) za leto 2025 na letni skupščini IEEE Slovenija ...
byUniversity of Maribor
 
PDF
BEP-20 Token on BNB Chain: From Concept to Deployment.pdf
byimoliviabennett
 
PPTX
Beyond the Algorithm: Designing Human-Centric Public Service with AI
byAlan Dix
 
PDF
Self-Correction Failure Diagnostic: Detecting Drift in Complex Systems
bySystems Research Group
 
PDF
Python Automation in Action: Real-World Use Cases and Practical Implementation
byDenys Smirnov
 
PDF
Post-Hackathon-Learnings-Maximizing-Impact-Beyond-the-Event.pdf
byishantyadav1111
 
PDF
Why Many Smart Device Platforms Fail to Scale?
byPromeraki Developments
 
PDF
TravelTech Paris 2025 | The EU Digital Identity Wallet and it’s impact on Tra...
byapidays
 
PDF
Chapter 4 Network Security in computer security
byGetnet Tigabie Askale -(GM)
 
PDF
Supercharge Your Copilot-Driven Collaboration with Microsoft 365 Agents SDK
byAntti Koskela
 
PPTX
Retrieval Augmented Generation- The Synergistic Power of Prompt Engineering
bySemantic SEO BD
 
PDF
Writing GPU-Ready AI Models in Pure Java with Babylon
byAna-Maria Mihalceanu
 
PDF
Understanding Foldable 3-Wheel Electric Scooters for Everyday Use
byTopmate
 
PDF
CI CD Observability, Metrics and DORA - Shifting Left and Cleaning Up! - Febr...
byPeter Souter
 
PDF
Title Installing Windows, Linux, MacOS.pdf
byGeraldAbadajos
 
PPTX
How Does an ICO Launchpad Work Step-by-Step Breakdown.pptx
byTom Hardy S
 
PPTX
TechSprint Inauguration at SJB Institute of Technology held on 18 December 2025
bysuhasspgdg
 
PDF
Analyze and Preserve Logs - RHCSA (RH134).pdf
byLinuxCert Guru
 
PPTX
TechSprint (SJBIT) 2025-26 Hackathon Winners & Awards Ceremony
bysuhasspgdg
 
PDF
Advanced SELinux Management - RHCSA (RH134).pdf
byLinuxCert Guru
 
Poročilo odbora CIS (CH08873) za leto 2025 na letni skupščini IEEE Slovenija ...
byUniversity of Maribor
 
BEP-20 Token on BNB Chain: From Concept to Deployment.pdf
byimoliviabennett
 
Beyond the Algorithm: Designing Human-Centric Public Service with AI
byAlan Dix
 
Self-Correction Failure Diagnostic: Detecting Drift in Complex Systems
bySystems Research Group
 
Python Automation in Action: Real-World Use Cases and Practical Implementation
byDenys Smirnov
 
Post-Hackathon-Learnings-Maximizing-Impact-Beyond-the-Event.pdf
byishantyadav1111
 
Why Many Smart Device Platforms Fail to Scale?
byPromeraki Developments
 
TravelTech Paris 2025 | The EU Digital Identity Wallet and it’s impact on Tra...
byapidays
 
Chapter 4 Network Security in computer security
byGetnet Tigabie Askale -(GM)
 
Supercharge Your Copilot-Driven Collaboration with Microsoft 365 Agents SDK
byAntti Koskela
 
Retrieval Augmented Generation- The Synergistic Power of Prompt Engineering
bySemantic SEO BD
 
Writing GPU-Ready AI Models in Pure Java with Babylon
byAna-Maria Mihalceanu
 
Understanding Foldable 3-Wheel Electric Scooters for Everyday Use
byTopmate
 
CI CD Observability, Metrics and DORA - Shifting Left and Cleaning Up! - Febr...
byPeter Souter
 
Title Installing Windows, Linux, MacOS.pdf
byGeraldAbadajos
 
How Does an ICO Launchpad Work Step-by-Step Breakdown.pptx
byTom Hardy S
 
TechSprint Inauguration at SJB Institute of Technology held on 18 December 2025
bysuhasspgdg
 
Analyze and Preserve Logs - RHCSA (RH134).pdf
byLinuxCert Guru
 
TechSprint (SJBIT) 2025-26 Hackathon Winners & Awards Ceremony
bysuhasspgdg
 
Advanced SELinux Management - RHCSA (RH134).pdf
byLinuxCert Guru
 

Computer system security and control-2.pptx

  • 1.
  • 2.
    Information security isthe protection of computer systems and networks from theft or damage to the hardware, software or electronic data as well as from the disruption or misdirection of the services they provide.
  • 3.
    Objectives of informationsecurity It focuses on three goals: 1. Confidentiality: preventing the disclosure of information to unauthorized users. 2. Data integrity : ensuring the accuracy and authenticity of data. Only authorized persons may edit data and they need to follow procedures to prevent former employees from retaining the ability to alter company data
  • 4.
    3. Availability: authorisedusers should have reliable access to information when they need it TYPES OF INFORMATION SECURITY 1. Application security Involves protecting software applications by preventing, detecting and fixing bugs and vulnerabilities
  • 5.
    2. Cloud security Involvesprotections of data, applications and infrastructures involved in cloud computing 3. Cryptography Covers a lot of techniques for communicating in a secure manner
  • 6.
    4. Infrastructure security Egdata centers, internal and external networks, desktops
  • 7.
    Reasons why computersystems are vulnerable Increased access to the system Disgruntled/dishonest employees Increased system complexity Cyber terrorism/crime on the internet or hackers Complacent management Modern networked systems
  • 8.
  • 9.
    Accidental threats Human errors Proceduralerrors Software errors Electromechanical problems
  • 10.
    International breaches ofsecurity Theft Terrorism Computer viruses Unauthorized disclosure or access, modification or destruction or loss of data or information Computer fraud
  • 11.
    General controls Physical control Accesscontrols or logical controls eg passwords, biometric identification techniques Back up Administrative controls
  • 12.
    Types of Applicationcontrols Input controls: are computer controls designed to provide reasonable assurance that transactions are properly authorized before processed by the computer, incorrect transactions are rejected. Processing controls: provide an automated means to ensure processing is complete, accurate and authorized. Output controls: address what is done with data and should compare output results with the intended result by checking the output against the input
  • 13.
    Internet and E-commercechallenges Viruses: Is a malicious piece of computer code designed to spread from device to device. Viruses are designed to damage a device or steal data Hackers: A security hacker is someone who explores methods for breaching defenses and exploiting weaknesses in a computer system or network Spamming: The use of messaging systems to send multiple unsolicited messages to large numbers of recipients for the purpose of commercial advertising or for any prohibited purpose
  • 14.
    E-commerce controls Firewall: firewallis a network security system that monitors and controls incoming and outgoing network traffic based on predetermined security rules. Encryption: is the process of encoding information, that is the process converts the original representation of the information known as plain text into an alternative form known as cipher text. Only authorized parties can decipher a cipher text back to plaintext and access the original information.
  • 15.
    Digital signature: isa mathematical technique used to validate the authenticity and integrity of message ,software or digital document. Digital signatures are based on public key cryptography and private key cryptography Authentication : uses password or any biometric technique